New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RFE: Disable warning for left-over process in cases where we want them to remain (i.e. non-default Killmode=) #7864
Comments
I'm not a ssh expert, nor completely clear of what you are trying to do, but i would create a separate service to keep the master connection opened, and just have the slave connections being triggered by a timer... if need be, you could play with StopWhenUnneeded in the master connection, with proper dependencies to close the master when no timer need it anymore... |
Uh, not following? ssh sessions should get their own scope units anyway. It appears to be a local misconfiguration if they don't? not following? |
Okay, let me give an example: test.service
Using the ssh ControlMaster options, a background process is spawned by Log when starting the service two times:
Can we at least disable this warning when |
again... if you have processes remaining, why do you want the service to stop ? don't stop the service, make it a real resident service which is just the master and have another, timer triggered service do the periodic check. That way, you can easily stop the master connection when you want via systemd. I think the idea of keeping a process when the service terminates as a "normal behaviour" is a mistake... |
I never said i wanted to stop the service... It's a oneshot service that goes inactive once it is done. And again, this is not my software and i don't have the time nor ability to make the necessary changes (the above example service is just a simplification down to the root of the problem). So you are saying i should create 25 additional services (i am connecting to 25 hosts to collect their data) where each one opens a persistent ssh master process. Sounds like a real waste just to make this warning go away and make my journal usable again ...sigh |
You said it in unit definition.
|
I have to use |
No, you create single template for master ssh connection and let your monitoring services depend on service instantiated from this template. This way starting monitoring service will automatically start master session; if master session ever terminates, it will be started automatically next time monitoring service runs. And it costs you exactly one additional unit definition.
You are right in that this warning does not play nicely with ability to leave processes behind after service has stopped. |
It doesn't matter if it is 25 seperate services or instances from a single template, i'd have to keep track of remote host both in the monitoring config as well as the service definition as dependencies. Not very user friendly.
Thanks for the support, appreciated. |
@poettering any opinion on this? |
Hmpf. So I am sorry, but forking off bg threads from arbitrary shell scripts the user invoked is and remains highly problematic since that means that process inherits half of the original execution context and then reusing that in a later instance is very very questionnable. I sympathesize with what you are trying to do, but from whatever angle you look at it, what you are doing is problematic and hence I think there should be a warning about this like we currently have. To fix this properly if the ssh client wants to leave a background process around it should fork that off in an independent service (i.e. for example as a systemd --user socket activated service or so), so that it lives in a clean, independent, isolated context. Yes, I am aware openssh is unlikely the project which will embrace such a solution, but doing this mix&match of separate service instantiations (i.e. ssh instance from three invocations ago, combined with a script invocation from right now) is not a good solution, and I think logging about this (but permitting it like we do) is the least we should do. Sorry, but I am really not convinced the usecase is convincing enough, given that the warning has a good reason and any change to it would be cosmetic at best... Sorry! |
Thanks for your detailed point of view. However, this is not only to be narrowed down to "arbitrary shell scripts" as in my case, but the same is true for the traditional Forking new processes for every incoming connection is the traditional way the ssh daemon has been working for decades, and it has been working well. I cannot really wrap my head around why this way suddenly should be highly problematic or questionable enough in order to force people to change this by littering their journals (which is far from being just cosmetic). Also I do not see any security implications permitting this. As a compromise, as suggested above, please just disable this warning whenever |
Could you please provide example of these processes before and after restart? |
No, that's not the case. Login sessions are generally moved to a scope unit of their own when the user logs in. This is done through pam_systemd. It makes sure that each login session is nicely separated out, and ceases to exist when the user logs out. Which distribution are you using? |
If that's the case, then it appears your distribution is not set up correctly. User session processes should not be part of sshd.service. |
Sorry guys, it has appeared that i had I agree that the warning is helpful when services are leaving behind processes they are not supposed to start. But i still have the opinion that unconditionally emitting warnings like this is a bad idea regarding usability, especially when it is just a suggestion imposed on the user. When you permit for this setup with configuration options like |
I have another use case. The daemon (wrapped by |
Any progress on this? The simplest example would be |
#6432 looks also very relevant in the light of the current issue. |
I have another example. I open an openvpn connection with NetworkManager. NetworkManager has an event dispatcher, so i can create some ssh tunnels if connection up. Furthermore i terminate the ssh tunnels before connection going down (via event dispatcher and vpn-pre-down event). In this case i need now warning. NetworkManager-dispatcher.service has KillMode=process too. |
So, you want a warning that there are some "dangling" SSH connections out there if dispatcher dies earlier? Why? Either you need those connections regardless or you absolutely want them to die together with the dispatcher. For both of these cases |
No, i want no warning. Because the dispatcher and NetworkManger won't die. The NetworkManager change only the connection state. Perhaps its clearer with following log:
In following line you can see my action (terminate ssh tunnel) before ovenvp connection going down: But before this happend, systemd shows (unwanted) warnings. |
I use |
systemd/src/core/unit.c
Line 5279 in 2df4611
Is there any way to avoid being overwhelmed by this warning if someone deliberately wants processes to remain? Any configuration setting?
Background:
I am using monitoring software (munin) which queries other servers (actually a lot of them) via ssh every 5 minutes (oneshot type service triggered by timer). For performance reasons, i am using ssh's
ControlMaster
feature, which keeps the ssh connections open. Therefore i actually want these leftover ssh processes to remain. Worked very well until v235 and still works with v236, however these warings spam my logs every 5 minutes.The text was updated successfully, but these errors were encountered: